this post was submitted on 18 Jul 2024
156 points (97.0% liked)

Selfhosted

40951 readers
808 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
 

Welcome to version v1.109.0 of Immich. This release introduces an additional way for you to support Immich financially as well as bug fixes for various issues. Some of the highlights in this release include:

Immich license pricing is $25 per user or $99 per server for a lifetime license.

you are viewing a single comment's thread
view the rest of the comments
[–] jet@hackertalks.com 0 points 5 months ago (1 children)

you don’t trust your own hardware?

no, I do not. Thats the whole reason data at rest should be encrypted.

[–] traches@sh.itjust.works 1 points 5 months ago (1 children)

So you trust your phone and its closed source OS with your photos, but your Linux server can’t see them?

I’m having a hard time imagining what Immich could do other than file syncing in this scenario

[–] jet@hackertalks.com 2 points 5 months ago (1 children)

My phone isn't closed source. And no, I don't trust it fully either, I limit the amount of trust given to any datastream to the minimum necessary to get the functionality I want.

If you wanted a client side encrypted image service, yes syncing would be a major benefit, or you do the image tagging/scanning client side before going to the cloud, or after the fact. Just limit where the unencrypted data exists in the system.

[–] traches@sh.itjust.works 1 points 5 months ago (1 children)

Ok, that’s totally fair. Your needs are valid, but most of us just want a self-hosted google photos replacement that’s good enough our families won’t complain. Just being self hosted improves security and privacy immensely; E2EE would be an incremental improvement in this regard while having major drawbacks for usability.

[–] jet@hackertalks.com 2 points 5 months ago* (last edited 5 months ago)

oh yeah, 100%; I like the focus of immich, I like that it exists, we are all better for the option.

I was just wishing up thread that client side encryption was in the roadmap, if for no other reason that when they make architectural decisions now they leave some room for a encrypted block pivot.

not sure about drawbacks though; what does a cloud photo provider do? 99.9999999% of the time its just blocks at rest on disk; Sometimes it does image recognition, face recognition, and photo sharing; All 3 of these can be done in a end to end encrypted way (yes, with a few more hoops, it would add work, no doubt)